Open Source Security: Best Practices for Early Detection and Risk Mitigation

Explore best practices for early detection and risk mitigation in open source security during this 55-minute webinar by Canonical Ubuntu. Learn about essential knowledge, tools, and processes to keep open-source software free from vulnerabilities and threats. Discover how to address the alarming statistic that 80% of enterprise codebases contain vulnerabilities, with half being high-risk. Gain insights into keeping systems up-to-date, understanding open source security considerations, implementing effective monitoring and vulnerability patching strategies, and leveraging automation. Watch a hands-on demonstration of vulnerability detection and patching in action. Benefit from the expertise of speakers Leck Sandecki and Alex Burrage as they cover topics such as Ubuntu security, vulnerability triage, LTS vs Ubuntu Pro, security coverage, community support, and Canonical's approach to long-term support and internal testing.

Introduction
Open source security landscape
Open source knowledge
Using a platform like Ubuntu
Processes
Ubuntu security
Vulnerability triage
LTS vs Ubuntu Pro
Security coverage
Support from the community
Backboarding
Canonical approach
Long term support
Internal testing
Fix availability
Advice
Ubuntu LTS
Dependencies
Data point
Ubuntu vs Debian security
Ubuntu security fixes
Security vulnerabilities that have no fix available
We dont create our own fixes
Ubuntu Wiki
Pricing
Canonical best practices
Snaps
Snaps Confinement
CIS Hardening
CVS triage
Canonical support